McAfee’s Noah Borstad highlights vulnerabilities channel providers can help their SMB customers address.
By Colleen Frye
July 17, 2013
All businesses need to worry about IT security and cyber threats—including SMBs, and in certain cases, especially SMBs, says Noah Borstad, channel account manager at security firm McAfee, an Intel company. Channel partners, he stresses, are in a position to address these vulnerabilities with their SMBs customers and help them shore up their defenses.
McAfee has a database of more than 100,000 new threats coming in every single day, he says, adding that last year the number of vulnerabilities and persistent malware threats passed the one million mark. These threats, he says, “are not just affecting banks, they’re not just affecting major organizations.” Some of these threats “are being specifically targeted to SMBs,” Borstad says. “They’re being targeted to your customers because those are the customers that are most vulnerable.”
He adds, “Half of the SMBs that we talk with, the number one fear is an attack from cyber criminals.”
And they have good reason. For one, he says, SMBs are experiencing a growing threat of website takeovers. McAfee is also seeing increasing attacks being directed at individuals within a small business, trying to entice them to download something or click on a link. “We’re seeing more and more attacks that are being directed at the individuals within the corporation or within that small business. For example, he says, the Zeus Trojan that steals banking information “can siphon off thousands of dollars in about a minute. So when you’re talking about something like that getting into a small business, you’re talking about a huge implication.”
A third area where SMBs are increasingly vulnerable is mobile devices, he says. “The adoption of the iOS devices, the adoption of Android devices, and even Windows mobile devices, has completely changed the threat landscape because now people are walking around with half of their company information in their pocket on their devices, completely unprotected.”
The SMB for the most part has not addressed mobile security, and “doesn’t fully understand the ramifications of the kind of data that is sitting on those devices. So this is one of the biggest areas that you can talk about with your clients that they need to be addressing,” Borstad says.
McAfee is also seeing more targeted attacks to the SMB, he says. “What cyber criminals are realizing is that SMBs are typically the least protected. They’re looking to the SMB as a new revenue stream because it is one of the more unprotected industries out there right now.”
And the reasons are obvious. SMBs have tight, lean budgets and often don’t have dedicated IT or security personnel. A pain point, he says, is the amount of time SMBs are able to spend dealing with security. “What we see is an average of about two hours a day. So a very small portion of their time is actually dedicated towards security.”
So, the questions channel partners need to be asking include: “How do they optimize their environment? How do they work in a manner that allows them to use that two-hour window the most effectively, to be able to address the security needs within their organization and still take care of everything else that’s coming towards them?”
Channel providers, Borstad says, should be helping their SMB customers find solutions that are optimized for the following security priorities: mobility, the use of collaborative tools like videoconferencing, virtualization, and cloud computing.
The risk of not addressing these and other areas? Well, that’s the same for both big and small business: loss of income and reputation. “If you’re a small business in a metro area and your reputation changes—that you now don’t keep your customer information secure, or you don’t keep your network secure—you’re not going to be able to maintain that same integrity in the market space.”